Contracted IRS tax collectors raise privacy concerns

The private contracting firms hired to collect unpaid tax bills for the Internal Revenue Service are having issues with protecting taxpayer privacy.

A new audit by the Treasury Inspector General for Tax Administration found that the firms contracted by the IRS the are not adequately securing taxpayer data.

One the four firms “could not provide monthly vulnerability scans of systems containing taxpayer data,” and three of the four “were not timely remediating critical- and high-risk vulnerabilities within the required 30 calendar days,” according to the audit.

The report also found that one of companies did not have “a secure mail processing area for payments and did not secure misdirected payments prior to sending them to the IRS.”

Furthermore, during one visit to a firm, investigators witnessed a worker plugging his personal cell phone into a company issued laptop.

“When we asked why they would need to plug the phone into the laptop, the executive responded that it was to download music files. Publication 4812 does not allow the use of personal cell phones in the IRS contract environment;” the report states.

Lawmakers and union leaders alike had suspected these kind of problems and had long fought the program's implementation, but it finally was mandated by the new administration last year.

National Treasury Employees Union National President Tony Reardon said in response to the report findings: “Not only does this program lose money and punish low-income taxpayers, now we learn that taxpayers’ personal information may be compromised by insufficient security protocols, which will cost even more taxpayer money to address.”

“Congress was wrong to force this program on the IRS and replace the professionally trained civil servants of the IRS with for-profit companies that work on commission.”